Our Research at Cuberk Solutions
Building a Stronger, More Secure Future
Somewhere, something incredible is waiting to be known
This quote often attributed to Carl Sagan. Although it is not certain that he said these exact words, Sagan was known for his passion for exploration and discovery. This quote reflects his belief that there is always more to learn and discover in the world aronud us. Whether you are a scientist, artist or simply curious about the world, this quote is a reminder to always be open to new experiences and ideas.
At Cuberk Solutions, we strongly believe in the importance of continuous research and learning in the field of information security. Our team is dedicated to staying up-to-date on the latest trends and technologies and we are committed to applying this deep knowledge to help our clients secure their systems and data.
We are passionate about finding solutions to complex security challenges and are constantly seeking out new ways to innovate and improve our services. Whether through penetration testing, secure code review, or training progrmas, we strive to deliver exceptional results to our clients and make a positive impact on the industry.
As a company, we are committed to conducting research and sharing our findings with the wider community. We believe that by collaborating and sharing knowledge, we can help advance the field of information security and make the world a safer place for everyone.
So if you're looking for a team that is dedicated to research, innovation, and helping you secure your systems and data, look no further than Cuberk Solutions. We would be happy to work with you and help you achieve your security goals.
For in-depth insights into our security research, visit our blog.
Our Security Advisories
CVE-2023-43261
Published: 2023-09-18An information disclosure in Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 allows attackers to access sensitive router components.
Severity: HIGH (CVSS 7.5/10)CVE-2023-43260
Published: 2023-09-18Milesight UR5X, UR32L, UR32, UR35, UR41 before v35.3.0.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the admin panel.
Severity: MEDIUM (CVSS 6.5/10)CVE-2020-22986
Published: 2020-08-13Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the searchString parameter to the wikiScrapper task.
Severity: MEDIUM (CVSS 6.5/10)CVE-2020-22987
Published: 2020-08-13Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the fileToUpload parameter to the uploadFile task.
Severity: MEDIUM (CVSS 6.5/10)CVE-2020-22983
Published: 2020-08-13A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.
Severity: HIGH (CVSS 8.1/10)CVE-2020-22984
Published: 2020-08-13Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via key parameter to the getGoogleExtraConfig task.
Severity: MEDIUM (CVSS 6.1/10)CVE-2020-22985
Published: 2020-08-13Cross-Site Scripting (XSS) vulnerability in MicroStrategy Web SDK 10.11 and earlier, allows remote unauthenticated attackers to execute arbitrary code via the key parameter to the getESRIExtraConfig task.
Severity: MEDIUM (CVSS 6.1/10)